How to Setup Kerberos Server and Client on Ubuntu

shivani singh
August 16, 2021

Step by Step Guide to Setup Kerberos Server & Client on Ubuntu 20.04 LTS

Kerberos is a network authentication protocol. It is used for authentication purpose. It provides secure communication interface between server & client. It is used in POSIX authentication, Active Directory, NFS, and Samba.

Step 1 – Update the System.

apt-get update

Step 2 – Set the hostname on both server & client.

On Server,Provide the host-name.

hostnamectl set-hostname host-name server.host-name

On client System,Provide the host name.

hostnamectl set-hostname client.host-name

Open the host file on both server & client system.

vim /etc/hosts

Mention the following lines on both server & client system.

server-ip server.host-name

client-ip client.host-name

Step 3 – Install the Kerberos on server system.

apt-get install krb5-kdc krb5-admin-server krb5-config

Here is the Command Output.
Provide the Kerberos Realm (host-name).
Click ok.

Provide the kerberos server Realm (server.host-name).
Click Ok.

Provide the Administrative Server for kerberos Realm (server.host-name).
Click Ok.

Click Ok.

Step 4 – Configure the Kerberos Server.

krb5_newrealm

provide a secure password.

Step 5 – Add the admin user. Open file kadm5.acl.

vim /etc/krb5kdc/kadm5.acl

Mention the following line:

*/admin *

Add the admin user to the Kerberos database.

kadmin.local

Provide the admin user name & Password.

Restart the Kerberos server.

systemctl restart krb5-admin-server

Check Kerberos server status.

systemctl status krb5-admin-server

Here is the command output.

Step 6 – Install Kerberos Client on client system.

apt-get install krb5-user

Provide the Kerberos Realm (host-name).

Click ok.

Provide the kerberos server Realm (server.host-name).

Click Ok.

Provide the Administrative Server for kerberos Realm (server.host-name).

Click Ok.

Step 7 – Login to the Kerberos server.Provide the admin user name & password.

kinit admin-user-name

Run the following command to get Ticket .

Klist

Check authentication.Run the following command on server system.

kadmin.local

Provide the admin-user name.

kadmin.local: getprinc admin-user-name

Its Done.

Leave a Reply Cancel reply

You must be logged in to post a comment.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others